I have NIS 2012 (v19.7.0.9) installed on my Win7 Pro x64 laptop and it is working fine. It is a 3-PC license and all 3 installations are used. The remaining 2 licenses are installed on other WinXP desktop PCs.
I have Windows Virtual PC - Windows XP Mode installed on this laptop to run some older programs. This is also working fine.
My question is this - do I need a separate antivirus program installed in the Virtual PC XP Mode? If I have internet activity going on from within the XP Mode VM, does that internet traffic go through NIS which I have installed on Win7, or do I need an additional antivirus program installed within XP Mode?
I have NIS 2012 (v19.7.0.9) installed on my Win7 Pro x64 laptop and it is working fine. It is a 3-PC license and all 3 installations are used. The remaining 2 licenses are installed on other WinXP desktop PCs.
I have Windows Virtual PC - Windows XP Mode installed on this laptop to run some older programs. This is also working fine.
My question is this - do I need a separate antivirus program installed in the Virtual PC XP Mode? If I have internet activity going on from within the XP Mode VM, does that internet traffic go through NIS which I have installed on Win7, or do I need an additional antivirus program installed within XP Mode?
Let's double check about activations in VMs unless you have done it -- my recollection is that an activation is used up in VMs unlike with dual booting as isolated OS's.
I haven't tried installing NIS in the VM yet. I have been running MSE just to have something because I wasn't sure if I needed an a/v in the VM or not, which is why I posted the question.
Thanks for asking, Gary.... I realize your question was whether the VM was in fact protected by its host. I have gotten the impression from here and elsewhere that it is not, if it has any contact with the outside world, which could be internet but equally could be reading a file from a disk or thumbdrive ....
I've asked for clarification of what I'd seen earlier but that ended up not entirely clear on the point of activations.
I had checked the same scenario a while back in an imac running Windows7 in Virtualbox. I have N360 in Win7 and NIS for mac in the Host. I downloaded some malicious files from malware domainlist website and got the prompt from NIS installed in mac stating malicious connection blocked, N360 didn't prompted anything, because the Internet Connection is only shared by the VM and not a separate connection. So the Host machine AV moniters the Internet Traffic and blocks anything malicious. And as the malicious communication is blocked already by the Host AV, N360 didnt prompted anything.
Same applies to the files you download in Vm, because if you download a file it gets stored in the Virtual Hard Disk space you had allocated and that Virtual HDD space is located in the Host Machine only. So that too gets scanned by the Host Machines AV. I hope i made my comment clear.... Feel free to correct me and give your Comments about it.
I would not pay too much attention to me on Virutal Machines since I've not used them and I don't know the "status" of the host when the VM is running
I am very likely wrong about the host security not protecting the VM since I said somewhere recently that since the VM is just a bunch of files running under the host and "pretending" to be an operating system the user in that case should not have assumed that it was safe to play with a rootkit to see what it did since if it infected the drive itself then the host could be affected.
But even that logic may be wrong since we are dealing with computers ....
What I was more categoric about was that we need to check on the question of whether a Norton security application installed on a VM requires an additional activation or not ... on that I don't have a areply yet from the person who was dealing with multiboot activations ....
Well... if I'm reading these replies correctly, then I'm still unsure.
Hugh seems to think that the host a/v does not protect the VM, but Subash's reply says that the host a/v does protect the VM.
When I get a minute, I guess I can download the the EICAR test file from within the VM and see what happens.
Hi,
Quick fix suggestion. You have a 3PC subscription with all three in use. Install Norton on the VM and see if your key will activate it or you get an error message. If it activates, problem solved. If not, then you will need an additional subscription.
Dick, you will find that it takes a seperate license to run a Norton product in a VM since the "hardware" of a virtual machine is different than the host system. (most of it is virtualized).
Subash, I think you will find that the behavior for a windows VPC is different than a Mac.
Files downloaded into a Virtual PC do not "pass through" the host system so they can't be scanned or intercepted by a AV installed on the host. I can download and run the Eicar test virus in a VM and NIS on the host system doesn't bloack it in any way.
I'm not familar with how a Mac does virulization but it seems like it must be sending the files from the host into the VM.
As for NIS scanning the virtual had drive, it can't do that either.
Norton products do not support .vhd files as "containers" like it does with archives like zips and rars.
Although it really should support them, it's a very common format.
You can right click and scan the vhd files but it only scans tham as 1 file, Norton is not able to scan the files inside the container.
In order to do a manual scan of the contents of a VHD, the easiest way if your using windows 7 is to use disk management to mount the vhd as a hard drive and then scan it like you would a normal drive.
You also could "share" the VHD wile it is in use and scan it like a network drive but it should be considered bad practice to share the root of another system over the network.
Thanks for the information. I did not kow for sure and I haven't found an answer elsewhere so I made my suggestion. Your response has saved that user the effort of trying and failiing, again thank you.
It has been clarified, a virtual machine is a different hardware platform than the physical system.
That makes it a different computer, it does not matter that it's running inside a program (virtual pc) that is installed on the physical system. The "BIOS" and therefore the "motherboard" are virtulized and so are the hard drive controllers, hard drives, sound card, CD-Rom, and even the ACPI. The "Network adapater" although it appears to be the phyical NIC actually works through a "bridge".
You can verify this with an activated version of windows, if you restore an image even an image of the physical OS into a VM it's going to prompt for activation because the hardware enviroment is completely different.
I'm saying this from experiance, I have personally done each and every thing I have commented on here.
I have been using virtual PC's for many years and I think I have around 15 of them at the moment.
There is a point that in private discussions was left up in the air -- it's not to do with physical reality so I don't want to discuss it in public until it is clarified.
Well, I had no idea my question would prompt so many replies. Thanks for all the input. Your posts made for some interesting reading and I learned a few things.
After a busy day working on the "honey-do" list, I had some time this evening to test the EICAR file. I started the VM and then started IE8 in it. I downloaded the file from the EICAR site and low-and-behold, NIS running in the host Win7 OS saw and blocked the download. It never got as far as even being seen by MSE running in the VM.
I guess that answered my question. It seems I do not need to install NIS in the WinXP VM. I probably don't even need MSE, but since it's free, I guess I'll leave it there and running.
Well, I had no idea my question would prompt so many replies. Thanks for all the input. Your posts made for some interesting reading and I learned a few things.
After a busy day working on the "honey-do" list, I had some time this evening to test the EICAR file. I started the VM and then started IE8 in it. I downloaded the file from the EICAR site and low-and-behold, NIS running in the host Win7 OS saw and blocked the download. It never got as far as even being seen by MSE running in the VM.
I guess that answered my question. It seems I do not need to install NIS in the WinXP VM. I probably don't even need MSE, but since it's free, I guess I'll leave it there and running.
Thanks again for all your input,
Gary
Gary,
Thanks for the feedback. We all learned a bit or two.
Hope your honey do isn't as long as mine.
Please do leave MSE on the VM system. Keep both Norton and MSE current. No one security program is going to protect you from every threat all of the time. That's just one of the hard facts. Security is always trying to catch up and out guess the bad guys/gals but that isn't always perfect.
The "honey-do" list is written on legal sized paper - 2 columns - both sides.
I plan on leaving MSE right where it is. I do very web little surfing from within the VM. I mainly have it to run Windows Live Mail for compatibility with my primary PC which is a WinXP desktop. WLM under Win7 is not compatible withWLM under WinXP, so I have to run WLM in the VM. Clicking on a link in an email therefore, starts IE8 in the VM.
You can get infected from webmail ..... so IMO you need a security program on your VM if only to deal with the malware a user unwittingly can invite in.
Your using the network setting: Shared Networking (NAT)
That sets up something very similar to internet connection sharing. All the internet traffic is coming from the internet to your physical network adapter and then goes to your virtual pc and virtual NIC through internet connection sharing.
Internet > Real NIC > internet connection sharing > Virtual PC
The internet traffic passes through your physical system and can be inspected by file insight.
I set mine for NAT and the eicar files get detected too.
I normally don't use NAT, as in the screenshot above all my VPC's are set to the physical adapter.
Internet > Virtual PC
Whats called a "bridge" is used to allow 2 systems to share a single NIC directly by letting them "take turns" using the NIC as traffic is needed. Basically 2 direct internet connections without having to use NAT.
Since there is no NAT and no traffic going through the host operating system, nothing can get inspected or blocked.
The main reason I don't use NAT is that I can set each VPC as a fixed IP address and it's easier to network them together and through a router when they are all treated as seperate systems like that.
I'm not using them as "XP Mode", I'm using them as complete virtual PC's.
Feel free to correct me and give your Comments about it. 
Thanks for all the input. 
